<?php

switch (getenv('APPLICATION_ENV')) {
    case 'development'://DEV
        $id_url = 'http://id.banbedev.net';
        $bb_domain = 'banbedev.net';
        break;
    case 'qc'://QC
        $id_url = 'http://qc.id.fpt.net';
        $bb_domain = 'banbe.net';
        break;
    case 'production'://PROD
    default:
        $id_url = 'http://id.fpt.net';
        $bb_domain = 'banbe.net';
        break;
}//end switch

$action = isset($_GET['action']) ? $_GET['action'] : '';
$domain = (isset($_GET['sdomain']) && $_GET['sdomain'] == 1) ? 'document.domain = "' . $bb_domain . '";' : '';
switch ($action) {
    case 'iframe':
        echo '<script type="text/javascript">
        ' . $domain . '
		window.parent.loginCallback("' . $_GET['type'] . '","' . $_GET['data'] . '");
		</script>';
        break;
    case 'logout':
        session_start();
        session_destroy();
    case 'login':
        $intTime = isset($_GET['t']) ? (time() + intval($_GET['t'])) : 0;
        $intTime = $action == 'logout' ? (time() - 3600) : $intTime;
        //get domain by Host
        preg_match("/[^\.\/]+\.[^\.\/]+$/", $_SERVER['HTTP_HOST'], $matches);
        //set cookie Auth
        setcookie('Auth', ($_GET['sid'] ? $_GET['sid'] : ''), $intTime, '/', '.' . $matches[0], 0, true);

        echo'<html><head><script type="text/javascript"> <!--
  if(window.postMessage && window.parent){window.parent.postMessage(' . (isset($_GET['value']) ? $_GET['value'] : 0) . ',"' . $id_url . '");}
            --></script></head></html>';
        break;
    case 'kickoff':
        if ($_GET['sid']) {
            //set session_id new
            session_id($_GET['sid']);
            //session_destroy
            session_destroy();
        }//end if
        echo '1';
        break;
    default:
        break;
}//end switch
?>